- Home
- CVEs with nessus.description==Updated stunnel packages fix security vulnerability :
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow (CVE-2013-1762).
The updated packages also fixes the following :
- move library subpackages back into main stunnel package
- add a systemd unit file (partially fixing Bug 3951)
- fix issues with stunnel.conf and stunnel.pem, with stunnel running in a chroot environment.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top